Candidate: CVE-2017-14628
PublicDate: 2017-09-21 07:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14628
 https://github.com/pts/sam2p/issues/14
Description:
 In sam2p 0.49.3, a heap-based buffer overflow exists in the
 pcxLoadImage24 function of the file in_pcx.cpp.
Ubuntu-Description:
 It was discovered that Sam2p incorrectly handled certain image files. An
 attacker could possibly use this issue to cause a denial of service or
 other unspecified impact.
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_sam2p:
upstream_sam2p: released (0.49.2-3+deb8u1)
precise/esm_sam2p: DNE
trusty_sam2p: released (0.49.2-3+deb8u3build0.14.04.1)
trusty/esm_sam2p: DNE (trusty was released [0.49.2-3+deb8u3build0.14.04.1])
vivid/ubuntu-core_sam2p: DNE
xenial_sam2p: released (0.49.2-3+deb8u3build0.16.04.1)
zesty_sam2p: DNE
artful_sam2p: DNE
bionic_sam2p: DNE
devel_sam2p: DNE